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Method for the anonymous authentication of a data transmitter 



Field of the invention 

The present invention relates to the secure exchange of data 
over a network linking various devices and to the authentication of the 
source of data sent over a network. 



State of the art 

In certain cases, it is necessary for a data receiver device to be 
10 sure that the transmitter that has transmitted the data was indeed 
authorized to do so by a trusted third party without the receiver of the data 
knowing the identity of the transmitter, the data also being likely to be 
relayed by an intermediate device. All known schemes of authenticating a 
data transmitter imply that the receiver of the data knows the transmitter. 

15 

Summary of the invention 

One aim of the invention is therefore to propose a method by 
which a transmitter of data can prove that it was indeed authorized to 
transmit the data by a trusted third party without the receiver of the data 

20 knowing the identity of the transmitter. 

Accordingly, the invention concerns a method for verifying that 
data received by a receiver have been sent by a transmitter authorized by 
a trusted third party, the transmitter and the receiver being connected to a 
digital network. According to the invention, an identifier is associated with 

25 the data sent by the transmitter and the method comprises the steps 
consisting, for the receiver, in: 

(a) generating a random number; 

(b) bradcasting said random number over the network; 

(c) receiving from the transmitter a response computed by 
30 applying a first function to said random number and to said identifier; and 

(d) verifying the received response by applying a second function 
to the received response, to said random number and to said identifier; 

the first function having previously been delivered to the 
transmitter by the trusted third party and the second function being a 
35 function for verifying the result of the first function, previously delivered by 
the trusted third party to the receiver. 

The transmitter may be either the initial transmitter of the data in 
the network, or an intermediate device between the initial transmitter and 
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the receiver of the data which has for example stored the data transmitted 
by the initial transmitter. 

According to a variant of the invention, the step (b) is replaced 
by a step consisting in sending the random number to the transmitter. 
5 According to an embodiment of the invention, the receiver 

inhibits access to the data if the response received in the step (c) is not 
correct or if no response is received after the expiry of a predetermined 
time starting from the transmission of the random number. 

The identifier associated with the data sent by the transmitter is 
10 preferably a random number generated by the initial transmitter of the data 
in the network and attached to these data by the initial transmitter. 
Naturally, this identifier gives no information on the identity of the 
transmitter. 

The invention also relates to a method for proving that data sent 
15 to a receiver have been transmitted by a transmitter authorized by a trusted 
third party, the transmitter and the receiver being connected to a digital 
network. According to this aspect of the invention, an identifier is 
associated with the data sent by the transmitter and the method comprises 
the steps consisting, for the transmitter, in: 
20 (a) receiving a random number from the receiver; 

(b) computing a response by applying a first function to 
said random number and to said identifier; 

(c) sending the response to the receiver. 

The response is likely to be verified by the receiver by applying a 
25 second function to the received response, to said random number and to 
said identifier; the first function having previously been delivered to the 
transmitter by the trusted third party and the second function being a 
function for verifying the result of the first function, previously delivered by 
the trusted third party to the receiver. 
30 According to the principle of the invention, a trusted third party 

delivers to all the devices likely to be initial or intermediate transmitters in a 
network, the first function used to compute the response in the context of 
the above method. The trusted third party also delivers to all the devices 
likely to be receivers in the network, the second function for verifying the 
35 response computed with the aid of the first function. 

Brief description of the drawings 
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The invention will be better understood on reading the 
description that follows, given only as an example and made with reference 
to the appended drawings in which: 

-figure 1 represents a domestic digital network in which the 
5 invention is embodied; 

- figures 2 and 3 illustrate two exemplary embodiments of the 

invention. 

Detailed description of the embodiments of the invention 

10 On the basis of the principle of the invention explained above, 

several scenarios are possible. 

According to a first scenario, a first transmitter, that will be called 
Alice, and a second transmitter, that will be called Charlie, transmit 
messages respectively called Ma and Mc over a network to which a 

15 receiver, that will be called Bob is connected. With the message Ma Alice 
transmits an identifier IdEventA which identifies the message Ma and with 
the messagie Mc Chariie transmits an identifier IdEventc which identifies 
the message Mc. 

Alice and Charlie who are both connected to the network receive 

20 respectively the messages Mc and Ma transmitted by the other transmitter 
of the network, but they do not retain them. Bob also receives the two 
messages and it is assumed that he wants to retain only the message Ma. 
To be sure that Ma comes from a source authorized by a trusted third party, 
Bob launches a challenge/response protocol in the following manner. Bob 

25 generates a random number C (the challenge) then broadcasts it over the 
network. Alice and Charlie both receive the challenge C. 

Prior to this, it is assumed that the trusted third party has 
delivered to Alice and Charlie a response computation function G and has 
delivered to Bob a corresponding response verification function H such that 

30 this function H returns 0 if the response is incorrect and 1 if the response is 
correct. 

When Alice and Chariie receive the challenge C transmitted by 
Bob, they compute respectively responses Ra and Rc as follows: 

Alice: Ra = G(ldEventA, C); 
35 Chariie: Rc = G(ldEventc, C); 

then they send respectively the responses Ra and Rc to Bob. 

Bob then verifies each response by computing H(C, Rx, 
IdEventx) where X = A and C. If all the results returned by the function H 
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are zero, then Bob does not retain the message Ma which is considered as 
not originating from a safe source. On the other hand, if at least one result 
returned by H equals 1 (in the example, it will be H(C, Ra, IdEventA)), then 
Bob accepts the message Ma because he is sure that it originates from a 
5 transmitter authorized by the trusted third party. 

According to a second scenario, a transmitter, Alice, broadcasts 
a message Ma accompanied by an identifier IdEventA over a network to 
which a receiver Bob and an intermediate entity, that will be called 

10 Deborah, are connected. Initially, it is supposed that Bob is not interested 
in the message Ma and that he does not retain it. Deborah however stores 
the message Ma and its identifier IdEventA. 

Later, when Alice is no longer broadcasting any message, it is 
supposed that Deborah broadcasts the stored message Ma and its 

15 identifier IdEventA over the network. Alice, being a transmitter only, does 
not retain Ma- Bob receives Ma and wants to retain it. To ensure that it 
originates from a source authorized by a trusted third party, Bob launches a 
challenge/response protocol in the following manner. Bob generates a 
random number C (the challenge) then broadcasts it over the network. 

20 Previously, it is supposed that the trusted third party has 

delivered to Alice and Deborah a response computation function G and has 
delivered to Bob a corresponding response verification function H such that 
this function H returns 0 if the response is incorrect and 1 if the response is 
correct. 

25 Alice and Deborah receive the challenge C. Since Alice is not 

transmitting a message, she does not take account of the challenge C. 
Deborah however computes a response Rd = G(ldEventA, C) and sends 
this response to Bob. Bob then verifies this response by computing H(C, 
Rd, IdEventA). If the function H returns 0. then Bob does not retain the 

30 message Ma. On the other hand, if the function H returns 1, then Bob 
accepts the message Ma which is considered as originating from an 
authorized source. 

It will be noted that in the two scenarios described above, the 
35 receiver entity Bob, even though he is capable of responding to the source 
of the message, does not know whether the message he receives 
originates from a transmitter (such as Alice) or from an intermediate device 

PF020035 PCT as filed 



- 5- 

(such as Deborah) and above all he does not know the identity of the 
transnnitter of the nnessage Ma. 



A description will now be given of a nnore concrete examplary 
5 embodiment of the invention with reference to figure 1 in which an STB 
(Set Top Box) decoder 1, a DTV (Digital Television) receiver 2 and an SU 
(Storage Unit) 3 are represented. 

It is supposed that the data broadcast over this network 
represent audiovisual programs comprising Audio and Video bit streams 
10 transported in a data transport stream as defined in the standard 
ISO/IEC 13818-1 "Information technology - Generic coding of moving 
pictures and associated audio information: Systems". 

The decoder 1 represents a transmitter of data over the network; 
it transmits data that it receives for example from a satellite antenna or 
15 from a cable connection. The digital television 2 represents a receiver of 
data over the network. The storage unit 3 for its part represents an 
intermediate device capable of retransmitting over the network data 
received from another transmitter device of the network. 

These three devices are connected to a digital bus 4, for 
20 example a bus according to the IEEE 1394 standard, and thus form a 
digital home network. The messages transmitted over the network are sent 
via the isochronous channel of the bus 4 and the messages that are 
addressed are sent via the asynchronous channel of the bus 4. 

The trusted third party which delivers a function G for computing 
25 a response to a challenge/response protocol to the transmitter or 
intermediate devices of the network (in our example, the decoder 1 and the 
storage unit 3) and which delivers a response verification function H to the 
receiver devices of the network (in our example the digital television 2) is 
for example the manufacturer of the devices. 

30 

As concerns the choice of the functions G and H, three 
embodiments will be envisaged. 

According to a first preferred embodiment, the function G is a 
public function that uses a secret key K in order to compute a response R 
35 based on a challenge C and on an identifier IdEvent (i.e. R = Gk(C, 
IdEvent)). To guarantee that the transmitter or intermediate devices are 
compliant devices, authorized by the trusted third party, the secret K is 
inserted into these devices, in a secure storage zone that must not be 
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subsequently accessible (for example in a secure processor, particularly 
included in a smart card). 

The function H is in this case a function that computes a 
response R' based on the challenge C and on the identifier IdEvent by 
5 applying the function G with the secret key K and which then compares the 
result with the received response R. H is a boolean function which 
delivers a zero value "0" if R' is different from R and which delivers a "1" 
value if R' equals R. In this case, the secret key K must also be previously 
inserted by the trusted third party into the receiver devices. 

10 A function G corresponding to the above definition may in 

particular be an encryption function such as the AES function described in 
particular in "FIPS 197: Specification of the Advanced Encryption Standard 
(AES) - 26 November 2001" available at the following Internet address: 
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf. It may also be a 

15 hashing function such as the HMAC-SHA1 function described in particular 
in "FIPS Publication 198: The Keyed-Hash Message Authentication Code 
(HMAC), National Institute of Standards and Technology. 2001" available 
at the following Internet address: 

http://csrc.nist.gov/publications/fips/fips1 98/fips-1 98a.pdf. 

20 

In a second embodiment, the function G is a secret function that 
is inserted into the transmitter or intermediate devices considered to be 
compliant and authorized by the trusted third party. Preferably, this function 
must be chosen in order to be very difficult to find by analyzing the 

25 products that contain it. In addition, this function must be resistant to 
adaptive chosen-plaintext attacks. 

As in the first embodiment, the function H is in this case a 
boolean function which computes a response R' based on the challenge C 
and on the identifier IdEvent by applying the secret function G and which 

30 then compares the result R' with the received response R, delivering a zero 
value "0" if R' is different from R and delivering a "1" value if R' equals R. In 
this embodiment, the secret function G must therefore also be previously 
inserted by the trusted third party into the receiver devices. 

35 In a third embodiment, the functions G and H are public 

functions using a pair of asymmetric keys (private key/public key). The 
function G is for example a function for generating a signature with the aid 
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of a private key and the function H is a function for verifying a signature 
with the aid of the corresponding public key. 

For example the RSA (Rivest, Shamir and Adieman) signature 
functions will be used as follows: 
5 R = G(C, IdEvent) = RSASignKPRi(C, IdEvent) and 

H(C, R, IdEvent) = RSAVerifKPUB(C, R, IdEvent); where KPRI 
and KPUB are the private key and the public key of one and the same pair 
of RSA keys. 

In this case, the private key is inserted into the transmitter or 
10 intermediate devices of the network by the trusted third party and the public 
key is inserted into the receiver devices of the network. 

It will be assumed in what follows that the first embodiment has 
been chosen in which the function G is the HMAC-SHA1 function and that 
15 a secret key K is included in an inviolable storage zone of the decoder 
STB 1, of the digital television receiver DTV 2 and of the storage unit SU 3. 

First scenario: the STB transmits a program directiv to the DTV 

20 As illustrated in figure 2, when the user of the decoder STB 1 

selects a new program so that it is broadcast in the network, the STB 
randomly generates a program identifier IdEvent (step 20), which is 
preferably a number of 128 bits and it inserts this identifier into the 
messages contained in the packets transporting the data representing the 

25 program. The data transport stream is then broadcast over the network (on 
the isochronous channel of the bus 4) during the step 21. It is received by 
the digital television DTV 2 which extracts the messages containing the 
identifier from the received data packets in order finally to retrieve this 
identifier IdEvent (step 22). 

30 The DTV then generates in step 23 a challenge C which is 

preferably a random number of 128 bits, and it broadcasts this challenge C 
over the network during the step 24. When the STB receives the challenge 
G, it computes the response in the step 25: 

R = G(C, IdEvent), or more precisely: 

35 RsTB = HMAC-SHA1k(C, IdEvent) 

and addresses this response to the DTV via the asynchronous 
channel of the bus 4 (step 26). 
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The storage unit SU 3, which also receives the challenge C does 
not respond since it is not in the process of transmitting data. 

When the DTV receives the response R=Rstb from the STB, it 
applies the function H (R, C, IdEvent) to verify the response R (step 27) 
5 which means computing: 

Rdtv = HMAC-SHA1k(C, IdEvent) and comparing this result with 
the received response Rstb- If the two values are the same, then the DTV 
considers that the received program originates from a transmitter 
authorized by the trusted third party and can be presented to the user. 
10 OthenA/ise, the DTV does not display the received program to the user. If 
the DTV receives no response after a predetermined time has elapsed 
since the challenge C was sent over the network, it also blocks the display 
of the received program. 

At the end of the protocol, the challenge C and the identifier 
15 IdEvent are erased from the memories of the STB and the DTV. 

Second scenario: the STB trahshiits a program that is stored by 
the SU which subseauentiv transmits it to the DTV. 

20 This scenario is illustrated by figure 3. 

Initially, it is assumed that the user of the STB selects a new 
program. The STB then generates an identifier IdEvent (step 30) as in the 
first scenario above and it inserts this identifier into messages included in 
the data transport packets representing the program before broadcasting 

25 the data transport stream over the network (step 31). 

The SU then stores the data stream representing the program. 
The user has for example chosen not to view immediately the program that 
is broadcast by the decoder and prefers to store it in order to play it back 
later. 

30 Secondly, the user wants to play back the stored program. The 

SU therefore broadcasts the program over the network during a step 32. 
The DTV receiveis the data packets and extracts froni them the messages 
containing the identifier IdEvent in step 33, 

The DTV then generates a challenge C as in the first scenario 
35 (step 34) and it broadcasts this challenge over the network (steps 35, 35'). 

The SU receives this challenge C. so it computes the response 

in step 36: 

R = G(C. IdEvent), or more precisely: 
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Rsu = HMAC-SHA1k(C, IdEvent) 

and addresses this response to the DTV via the asynchronous 
channel of the bus 4 (step 37). 

The STB which is not in the process of broadcasting data does 
5 not respond to the challenge C which it also receives. 

When the DTV receives the response R=Rsu from the SU, it 
applies the function H (R, C, IdEvent) to verify the response R (step 38) 
which involves computing: 

Rdtv = HMAC-SHA1k(C, IdEvent) and comparing this result with 
10 the received response Rsu- If the two values are the same, then the DTV 
considers that the received program originates from a transmitter 
authorized by the trusted third party and can be presented to the user. In 
the contrary case, or when no response has been received after a 
predetermined time after the challenge C was sent by the DTV, the latter 
15 does not display the received program to the user. 

It will be noted that when the STB has finished transmitting the 
program initially, it then erases the idientifier IdEvent from its memory. 

At the end of the protocol, the challenge C and the identifier 
IdEvent are also erased from the memories of the SU and the DTV. 

20 

In a variant embodiment of the invention, particularly in the two 
scenarii explained above, it is possible to replace the step of broadcasting 
over the network the challenge C computed by the DTV with a step of 
sending this challenge C to the transmitter of the data (the STB in the first 
25 scenario or the SU in the second scenario). In this case, only the 
transmitter of the data receives the challenge C. Specifically, the existing 
digital network management protocols allow a receiver of data to respond 
to the source of the data without knowing its identity. 

30 In another variant embodiment, the receiver of the data 

broadcasts over the network, in addition to the challenge C. the identifier 
IdEvent associated with the data that it has received (for example in step 
24 in figure 2, or in step 35, 35' in figure 3). Each transmitting network 
appliance that receives the challenge C and the identifier IdEvent verifies 

35 whether it should respond to this challenge by comparing the received 
identifier IdEvent with that which it may just have generated in order to 
broadcast data. The transmitter responds only if the identifier received with 
the challenge corresponds to its current identifier IdEvent. This prevents all 
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the transmitters that are broadcasting data in the network fronn responding 
when a challenge C is sent by a receiver. 



The invention has the following advantages in particular: 
5 Even if several transmitter or intermediate devices are 

connected to the network, only that which has been authorized by the 
trusted third party and which has sent the data is capable of responding to 
the challenge/response protocol initiated by the receiver of the data. 

The protocol does not divulge any information concerning the 
10 transmitter to the receiver. This achieves the objective of an anonymous 
authentication of the transmitter device. 

The protocol is based only on the application layer and requires 
no special feature on the data transport layer. 
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